(PHP 3>= 3.0.5, PHP 4 , PHP 5)

unserialize --  Creates a PHP value from a stored representation


mixed unserialize ( string str )

unserialize() takes a single serialized variable (see serialize()) and converts it back into a PHP value. The converted value is returned, and can be an integer, float, string, array or object. In case the passed string is not unserializeable, FALSE is returned.

unserialize_callback_func directive: It's possible to set a callback-function which will be called, if an undefined class should be instantiated during unserializing. (to prevent getting an incomplete object "__PHP_Incomplete_Class".) Use your php.ini, ini_set() or .htaccess to define 'unserialize_callback_func'. Everytime an undefined class should be instantiated, it'll be called. To disable this feature just empty this setting. Also note that the directive unserialize_callback_func directive became available in PHP 4.2.0.

If the variable being unserialized is an object, after successfully reconstructing the object PHP will automatically attempt to call the __wakeup() member function (if it exists).

Example 1. unserialize_callback_func example


// unserialize_callback_func directive available as of PHP 4.2.0
ini_set('unserialize_callback_func', 'mycallback'); // set your callback_function

function mycallback($classname)
// just include a file containing your classdefinition
    // you get $classname to figure out which classdefinition is required

Note: In PHP 3, methods are not preserved when unserializing a serialized object. That limitation was removed in PHP 4 as both properties and methods are now restored. Please see the Serializing Objects section of Classes and Objects or more information.

Example 2. unserialize() example

// Here, we use unserialize() to load session data to the
// $session_data array from the string selected from a database.
// This example complements the one described with serialize().

$conn = odbc_connect("webdb", "php", "chicken");
$stmt = odbc_prepare($conn, "SELECT data FROM sessions WHERE id = ?");
$sqldata = array ($PHP_AUTH_USER);
if (!
odbc_execute($stmt, &$sqldata) || !odbc_fetch_into($stmt, &$tmp)) {
// if the execute or fetch fails, initialize to empty array
$session_data = array();
} else {
// we should now have the serialized data in $tmp[0].
$session_data = unserialize($tmp[0]);
    if (!
is_array($session_data)) {
// something went wrong, initialize to empty array
$session_data = array();

See also serialize().